Cybersecurity has gained prominence in the past few years with the proliferation of the Internet and mobile handsets. The mobile handset has put the Internet in everyone’s palm. On the one hand, the Internet changed the way we communicate, conduct business, and engage with people and businesses. On the other hand, it also enabled anonymous entities to access your always-connected devices by exploiting weaknesses in those devices or by exploiting weak passwords. In more recent times, exploits target weaknesses in human psychology.
The goal of all exploits is to compromise your device, gain control of your device, or gain access to your privileges on some other device, such as a server on the Internet (your photos or work data on a Google Drive or in an Amazon S3 bucket). Increasingly, the goal is to gain control of or access to your data. Devices are less valuable than the data that resides on them.
Cybersecurity is the practice and application of tools, techniques and processes to secure your devices and your privileges on third-party devices. The tools can be broken down into multiple specialised sub-domains. This image-pdf (from Optiv) provides a nice classification of the different cybersecurity solution providers.
Some solutions target the network pathways through which malicious activity is carried out or malicious content is planted or distributed. Some solutions ensure robust authentication is present in all pathways. Some solutions monitor device activity to watch for any anomalous behaviour (either via artefacts on the device or via artefacts on the network wire; please note that ether is the wire in wireless). Some other solutions prevent data export from devices by locking down all possible ways by which data can be sent out (blocking hardware interfaces such as USB, blocking email attachments, etc.). Many solutions target the device directly: they monitor device health continuously, ensuring the device is always healthy. In summary, cybersecurity is not a single point solution, but involves practising and applying defence in depth.
Asset Management is the branch of Cybersecurity that focusses on device health. It is often said you cannot secure what you do not know about. Once you know all your assets, you must ensure they are healthy “continuously”.
Brian Krebs, a reputed cybersecurity expert, summarised it very succinctly thus (source credit: KrebsOnSecurity):
1. Do not install what you did not go looking for.
2. If you installed it, take care of it by ensuring it is up to date and free of known shortcomings/bugs.
3. If you are not using it, remove it.
This applies to enterprises as well as personal devices. It is vital that you identify all your devices and ensure they are running only the software that is needed, and that this software is the latest and best the vendor has to offer. Ensure there is no unnecessary software on the device.
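The three rules above can be turned into a routine check over a device's software inventory. The following is an added example, not part of the original article: the inventory, the approved catalogue, the 90-day "unused" threshold and all names in it are constructed assumptions.

```python
from datetime import date

# Constructed sample inventory for one device (illustrative data, not real).
INVENTORY = [
    {"name": "browser", "version": "120.0.1", "last_used": date(2024, 5, 28)},
    {"name": "pdf-reader", "version": "9.2", "last_used": date(2024, 5, 20)},
    {"name": "toolbar-helper", "version": "1.0", "last_used": date(2024, 5, 30)},
    {"name": "old-vpn-client", "version": "3.4.0", "last_used": date(2023, 11, 2)},
]

# Hypothetical approved catalogue: software someone deliberately chose to
# install, mapped to the latest version the vendor offers.
APPROVED = {"browser": "120.0.1", "pdf-reader": "9.10", "old-vpn-client": "3.4.0"}

TODAY = date(2024, 6, 1)  # fixed date so the example is reproducible


def parse_version(text):
    """Turn '9.10' into (9, 10) so that 9.10 sorts after 9.2.

    Assumes purely numeric dotted versions; comparing the raw strings
    would wrongly rank '9.2' above '9.10'.
    """
    return tuple(int(part) for part in text.split("."))


def audit(inventory, approved, today, unused_after_days=90):
    """Return (name, finding) pairs, one per package that breaks a rule."""
    findings = []
    for item in inventory:
        name = item["name"]
        if name not in approved:
            # Rule 1: nobody went looking for this software.
            findings.append((name, "unapproved"))
        elif (today - item["last_used"]).days > unused_after_days:
            # Rule 3: installed but not used; removing beats patching.
            findings.append((name, "unused"))
        elif parse_version(item["version"]) < parse_version(approved[name]):
            # Rule 2: in use, but behind the vendor's latest release.
            findings.append((name, "outdated"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(INVENTORY, APPROVED, TODAY):
        print(f"{name}: {finding}")
```

Running such a check on a schedule, rather than once, is what makes the asset health "continuous".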